package com.ruoyi.framework.config;

import javax.servlet.Filter;

import org.jasig.cas.client.authentication.AuthenticationFilter;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.jasig.cas.client.util.HttpServletRequestWrapperFilter;
import org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;

/**
 * CAS客户端配置
 * 
 * @author ruoyi
 */
@Configuration
public class CasConfig
{
    @Value("${cas.server.url}")
    private String casServerUrl;
    
    @Value("${cas.service.url}")
    private String casServiceUrl;
    
    /**
     * 配置登出过滤器
     */
    @Bean
    public ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> singleSignOutHttpSessionListener()
    {
        ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> listener = new ServletListenerRegistrationBean<>();
        listener.setListener(new SingleSignOutHttpSessionListener());
        listener.setOrder(1);
        return listener;
    }
    
    /**
     * 配置单点登出过滤器
     */
    @Bean
    public FilterRegistrationBean<SingleSignOutFilter> singleSignOutFilter()
    {
        FilterRegistrationBean<SingleSignOutFilter> filterRegistration = new FilterRegistrationBean<>();
        filterRegistration.setFilter(new SingleSignOutFilter());
        filterRegistration.addUrlPatterns("/cas/*");
        filterRegistration.setOrder(2);
        return filterRegistration;
    }
    
    /**
     * 配置认证过滤器
     */
    @Bean
    public FilterRegistrationBean<AuthenticationFilter> authenticationFilter()
    {
        FilterRegistrationBean<AuthenticationFilter> filterRegistration = new FilterRegistrationBean<>();
        filterRegistration.setFilter(new AuthenticationFilter());
        filterRegistration.addUrlPatterns("/cas/*");
        filterRegistration.addInitParameter("casServerLoginUrl", casServerUrl + "/login");
        filterRegistration.addInitParameter("serverName", casServiceUrl);
        filterRegistration.setOrder(3);
        return filterRegistration;
    }
    
    /**
     * 配置票据验证过滤器
     */
    @Bean
    public FilterRegistrationBean<Cas20ProxyReceivingTicketValidationFilter> cas20ProxyReceivingTicketValidationFilter()
    {
        FilterRegistrationBean<Cas20ProxyReceivingTicketValidationFilter> filterRegistration = new FilterRegistrationBean<>();
        filterRegistration.setFilter(new Cas20ProxyReceivingTicketValidationFilter());
        filterRegistration.addUrlPatterns("/cas/*");
        filterRegistration.addInitParameter("casServerUrlPrefix", casServerUrl);
        filterRegistration.addInitParameter("serverName", casServiceUrl);
        filterRegistration.addInitParameter("encoding", "UTF-8");
        filterRegistration.setOrder(4);
        return filterRegistration;
    }
    
    /**
     * 配置请求包装过滤器
     */
    @Bean
    public FilterRegistrationBean<HttpServletRequestWrapperFilter> httpServletRequestWrapperFilter()
    {
        FilterRegistrationBean<HttpServletRequestWrapperFilter> filterRegistration = new FilterRegistrationBean<>();
        filterRegistration.setFilter(new HttpServletRequestWrapperFilter());
        filterRegistration.addUrlPatterns("/cas/*");
        filterRegistration.setOrder(5);
        return filterRegistration;
    }
} 